Private Composer registry for private PHP packages on AWS Serverless

Overview

Tug

Image of CloudFormation Launch Stack Build Status

Tug is a Composer private registry for private PHP packages installable with Composer (1 and 2). The main idea of this project is to have an intermediary between the management of its own server Packagist, or the use of a third party service, and the simple static packages generator like Satis. That is, do not be worried about updating package versions and SHA1s of the branches, while avoiding the cost of server maintenance and execution, or the high cost of third-party services.

For that, this project is hosted on your AWS account, using API Gateway with Lambda for the serverless code execution, DynamoDB for database, and S3 to storage the cached files, while using webhooks of services to automatically build packages and providers. With the serverless approach, the financial cost is extremely low, see free, and in most cases, only a few cents by month with the AWS Free Tier. You can see the pricing of S3, Lambda, DynamoDB and API Gateway for more details.

Also, this project is not intended to be another complete Packagist server, or a static packages generator like Satis, but bring some interesting features of the Packagist server (automatic update of package definitions) for a very low cost in case you use a third party service like Github or Gitlab to host your private packages, and that the use of VCS repositories makes every Composer update excessively long.

All features can be managed with the Progressive Web Application for desktop and mobile:

PWA screenshots

Features include:

  • Private registry compatible with Composer 1 and 2
  • Deploy the service in a few minutes with Amazon AWS Cloud Formation
  • Fully manage the remote service with the Progressive Web Application or the API Rest
  • Server messages and the Progressive Web Application are localized in multiple languages
  • Authenticate with the AWS IAM Credentials (access key id and secret access key)
  • Available drivers:
    • Github
    • Gitlab
  • Tiggers:
    • create the Composer package definition when the branch or tag is created
    • remove the Composer package definition when the branch or tag is deleted
    • refresh the commit SHA1 on each commit
  • Storage:
    • store the Composer package definitions, API keys and config in the DynamoDB
    • put in cache the package versions and providers in S3
    • track the download count of each package version by Composer
  • API Rest to:
    • configure the server
    • list the repositories
    • enable or disable manually each repositories
    • generate or delete the token used by the Webhooks
    • list the API keys
    • generate or delete an API key
    • list the package versions
    • generate all package definitions for a specific repository
    • show the details of each package version
    • refresh all packages or a specific package version
    • delete all packages or a specific package version
    • clean and rebuild the cache
  • CLI commands to manage the remote service:
    • enable or disable manually each Github repositories
    • enable or disable manually each Gitlab repositories
    • generate or delete the token used by the Github Webhooks
    • generate or delete the token used by the Gitlab Webhooks
    • generate or delete an API key
    • generate all package definitions for a specific repository
    • refresh all packages or a specific package version
    • delete all packages or a specific package version
    • show the Github tokens
    • show the Gitlab tokens
  • CLI commands to create and deploy manually:
    • configure interactively the project
    • create or remove the S3 bucket to deploy the code
    • build, package, and deploy automatically the project in AWS API Gateway, Lambda, SQS, DynamoDB, S3, IAM, and Cloud Watch with the Cloud Formation stack
    • remove the project on AWS (but keeping all the data in DynamoDB and S3)
    • serve the server in local for tests
  • All CLI commands use the API Rest of the Server
  • Auto configuration of the CLI tool:
    • authentication can be doing with the AWS Security Token Service (session token) or the AWS IAM Credentials
    • automatically configuration of the AWS credentials if the Shared Credentials File is present on your machine
    • automatically configuration of the AWS regions if the Shared Config File is present on your machine

Documentation

The bulk of the documentation is stored in the doc/index.md file in this project:

Read the Documentation

The latest version of the AWS CloudFormation Stack is to this url:

https://tug-dev.s3.amazonaws.com/latest.template

Installation

All the installation instructions are located in documentation.

License

This project is under the MIT license. See the complete license in the bundle:

LICENSE

About

Tug is a François Pluchino initiative. See also the list of contributors.

Reporting an issue or a feature request

Issues and feature requests are tracked in the Github issue tracker.

You might also like...
A small library for validating International Bankaccount Numbers (IBANs) based on the IBAN Registry provided by SWIFT

A small library for validating International Bankaccount Numbers (IBANs) based on the IBAN Registry provided by SWIFT

Your private self hosted composer repository with user management

Devliver Your private self-hosted composer repository. Requirements Docker MariaDB/MySQL the running docker container has access to private git reposi

A workbench for developing Composer packages.

studio Installation Usage Workflow Command Reference License Contributing For enterprise Develop your Composer libraries with style. This package make

Allow composer packages to define compilation steps

Composer Compile Plugin The "Compile" plugin enables developers of PHP libraries to define free-form "compilation" tasks, such as: Converting SCSS to

Installed composer packages info

PackageInfo This package was highly inspired from ocramius/package-versions I needed some methods to read data from the composer.lock file fast...this

Composer addon to efficiently get installed packages' version numbers

Package Versions composer/package-versions-deprecated is a fully-compatible fork of ocramius/package-versions which provides compatibility with Compos

This composer plugin is a temporary implementation of using symbolic links to local packages as dependencies to allow a parallel work process

Composer symlinker A Composer plugin to install packages as local symbolic links. This plugin is a temporary implementation of using symbolic links to

This composer plugin allows you to share your selected packages between your projects by creating symlinks
This composer plugin allows you to share your selected packages between your projects by creating symlinks

Composer - Shared Package Plugin This composer plugin allows you to share your selected packages between your projects by creating symlinks. All share

Dependency graph visualization for composer.json (PHP + Composer)
Dependency graph visualization for composer.json (PHP + Composer)

clue/graph-composer Graph visualization for your project's composer.json and its dependencies: Table of contents Usage graph-composer show graph-compo

Comments
  • Gitlab support

    Gitlab support

    First off; Awesome job on this satis implementation. Have been struggling with Satis for way to long and this solves everything that is wrong with the 'default' satis implementation.

    I have been following along since I first encountered this repository and created a branch to support Gitlab. Thought you might be interested in checking it out and possibly merging it.

    opened by Swahjak 4
  • Unable to save credentials

    Unable to save credentials

    I love the premise of this application. It matches what I'm trying to do exactly, and takes it one step further.

    However, when setting this up, I am unable to save my IAM credentials through the admin panel?

    I might be too eager and the application isn't deployed completely yet. Is everything OK when CloudFOrmation says "CREATE_COMPLETE" ?

    Should I just wait?

    When saving it just says "Forbidden".

    support 
    opened by tormjens 2
  • Bump acorn from 5.7.1 to 5.7.4

    Bump acorn from 5.7.1 to 5.7.4

    Bumps acorn from 5.7.1 to 5.7.4.

    Commits
    • 6370e90 Mark version 5.7.4
    • fbc15b1 More rigorously check surrogate pairs in regexp validator
    • 910e62b Mark version 5.7.3
    • 3442a80 Make generate-identifier-regex capable of rewriting src/identifier.js
    • 22b22f3 Raise specific errors for unterminated template literals
    • 1461c7c Fix a lint error
    • 0c12f63 Fix tokenizing of regexps after .of
    • 832c308 Fix 404 url
    • 95ca55c Mark version 5.7.2
    • bba80ab Remove another fixed test from the 262 whitelist
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
Releases(v1.0.2)
  • v1.0.2(Aug 18, 2022)

  • v1.0.1(Aug 16, 2022)

    Improvements

    • Update runtime version of AWS Lambda Function to Node.js v16.x (#5, 0f9b8dd4c87bd549325c3c0064f1b1e9820f630b)
    • Improve configuration of aws credentials (9a1ac3de54e20145440a65862d84929ff2e14234)
    • Improve filename of aws cloud formation template for package (f3484a73161f1a2edd4fa7eb5a2982f2f8776e87)
    • Update documentation (6ec2ea9c018d00920151a5eaafb19c8aeb40daeb)
    Source code(tar.gz)
    Source code(zip)
  • v1.0.0(Aug 10, 2021)

    New features

    • Private registry compatible with Composer 1 and 2
    • Deploy the service in a few minutes with Amazon AWS Cloud Formation
    • Fully manage the remote service with the Progressive Web Application or the API Rest
    • Server messages and the Progressive Web Application are localized in multiple languages
    • Authenticate with the AWS IAM Credentials (access key id and secret access key)
    • Available drivers:
      • Github
      • Gitlab
    • Tiggers:
      • create the Composer package definition when the branch or tag is created
      • remove the Composer package definition when the branch or tag is deleted
      • refresh the commit SHA1 on each commit
    • Storage:
      • store the Composer package definitions, API keys and config in the DynamoDB
      • put in cache the package versions and providers in S3
      • track the download count of each package version by Composer
    • API Rest to:
      • configure the server
      • list the repositories
      • enable or disable manually each repositories
      • generate or delete the token used by the Webhooks
      • list the API keys
      • generate or delete an API key
      • list the package versions
      • generate all package definitions for a specific repository
      • show the details of each package version
      • refresh all packages or a specific package version
      • delete all packages or a specific package version
      • clean and rebuild the cache
    • CLI commands to manage the remote service:
      • enable or disable manually each Github repositories
      • enable or disable manually each Gitlab repositories
      • generate or delete the token used by the Github Webhooks
      • generate or delete the token used by the Gitlab Webhooks
      • generate or delete an API key
      • generate all package definitions for a specific repository
      • refresh all packages or a specific package version
      • delete all packages or a specific package version
      • show the Github tokens
      • show the Gitlab tokens
    • CLI commands to create and deploy manually:
      • configure interactively the project
      • create or remove the S3 bucket to deploy the code
      • build, package, and deploy automatically the project in AWS API Gateway, Lambda, SQS, DynamoDB, S3, IAM, and Cloud Watch with the Cloud Formation stack
      • remove the project on AWS (but keeping all the data in DynamoDB and S3)
      • serve the server in local for tests
    • All CLI commands use the API Rest of the Server
    • Auto configuration of the CLI tool:
      • authentication can be doing with the AWS Security Token Service (session token) or the AWS IAM Credentials
      • automatically configuration of the AWS credentials if the Shared Credentials File is present on your machine
      • automatically configuration of the AWS regions if the Shared Config File is present on your machine
    Source code(tar.gz)
    Source code(zip)
Owner
Fxp
Open source repositories of @francoispluchino
Fxp
CDK patterns for serverless container with AWS Fargate

cdk-fargate-patterns CDK patterns for serverless container with AWS Fargate DualAlbFargateService Inspired by Vijay Menon from the AWS blog post intro

Pahud Hsieh 48 Sep 1, 2021
Composer registry manager that help to easily switch to the composer repository you want

CRM - Composer Registry Manager Composer Registry Manager can help you easily and quickly switch between different composer repositories. 简体中文 Install

Tao 500 Dec 29, 2022
A composer plugin, to install differenty types of composer packages in custom directories outside the default composer default installation path which is in the vendor folder.

composer-custom-directory-installer A composer plugin, to install differenty types of composer packages in custom directories outside the default comp

Mina Nabil Sami 136 Dec 30, 2022
Composer Repository Manager for selling Magento 2 extension and offering composer installation for ordered packages.

Magento 2 Composer Repository Credits We got inspired by https://github.com/Genmato. Composer Repository for Magento 2 This extension works as a Magen

EAdesign 18 Dec 16, 2021
Composer plugin that wraps all composer vendor packages inside your own namespace. Intended for WordPress plugins.

Imposter Plugin Composer plugin that wraps all composer vendor packages inside your own namespace. Intended for WordPress plugins. Built with ♥ by Typ

Typist Tech 127 Dec 17, 2022
Demo serverless applications, examples code snippets and resources for PHP

The Serverless LAMP stack Examples Code example Description AWS blog link 0.1-SimplePhpFunction A very simple implementation of a PHP Lambda function.

AWS Samples 303 Dec 20, 2022
Apache OpenWhisk is an open source serverless cloud platform

OpenWhisk OpenWhisk is a serverless functions platform for building cloud applications. OpenWhisk offers a rich programming model for creating serverl

The Apache Software Foundation 5.9k Jan 8, 2023
Repman - PHP Repository Manager: packagist proxy and host for private packages

Repman - PHP Repository Manager Repman is a PHP repository manager. Main features: free and open source works as a proxy for packagist.org (speeds up

Repman 438 Jan 2, 2023
A PHP 7.4+ library to consume the Confluent Schema Registry REST API

A PHP 7.4+ library to consume the Confluent Schema Registry REST API. It provides low level functions to create PSR-7 compliant requests that can be used as well as high level abstractions to ease developer experience.

Flix.TECH 38 Sep 1, 2022
💳 WordPress/WooCoommerce Brazilian Fields in Registry

Brazilian Fields in WordPress Registry A wordpress plugin that can be used for customize your website. Brazilian fields are added to the wordpress reg

Vinicius Blazius Goulart 7 Sep 20, 2022